<?php
error_reporting(E_ALL ^ E_NOTICE);
@header("content-Type: text/html; charset=UTF-8");
define('IN_ROOT', substr(dirname(__FILE__), 0, -7));
define("_ROOT", "./");
$php_self = addslashes(htmlspecialchars($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']));
$timestamp = time();

require_once(_ROOT.'include/version.php');
// 防止 PHP 5.1.x 使用时间函数报错
if(function_exists('date_default_timezone_set')) {
	@date_default_timezone_set('UTC');
}
// 加载数据库配置信息
require_once(_ROOT."config.inc.php");
require_once(_ROOT . "include/mysql.inc.php");

//database
  $db = new DB ();
  $db->connect ();

//template
include_once (_ROOT . "/include/template.inc.php");
define("_TPLCachePath_", _ROOT . '/cache/');
define("_TPLCacheLimit_", 1800);

// cache
if (!@include(_ROOT.'cache/cache_settings.php')) {
	require_once(_ROOT.'include/cache.inc.php');
	rethestats('settings');
	exit('<p>Settings caches successfully created, please refresh.</p>');
}
if ($options['gzipcompress'] && function_exists('ob_gzhandler')) {
	@ob_start('ob_gzhandler');
} else {
	$options['gzipcompress'] = 0;
	ob_start();
}

$timeoffset = (!$options['server_timezone'] || $options['server_timezone'] == '111') ? 0 : $options['server_timezone'];
//检查主机是否支持mod_rewrite
if (function_exists('apache_get_modules')) {
	$apache_mod = apache_get_modules();
	if (!in_array('mod_rewrite',$apache_mod)) {
		$options['rewrite_enable'] = 0;
	}
}
$cachelost  = '';
$cachelost .= (@include _ROOT.'cache/cache_statistics.php') ? '' : 'statistics,';
$cachelost .= (@include _ROOT.'cache/cache_settings.php') ? '' : 'cache_settings,';
$cachelost .= (@include _ROOT.'cache/cache_sites.php') ? '' : 'sites,';
//$cachelost .= (@include _ROOT.'cache/cache_comments.php') ? '' : 'newcomments,';
$cachelost .= (@include _ROOT.'cache/cache_categories.php') ? '' : 'categories,';
$cachelost .= (@include _ROOT.'cache/cache_links.php') ? '' : 'links,';

if($cachelost) {
	require_once(_ROOT.'include/cache.inc.php');
	$cachelost = explode(',',$cachelost);
	echo '<p>Cache List:</p><p>';
	foreach ($cachelost as $name) {
		if($name) {
			rethestats($name);
			echo $name.'<br>';
		}
	}
	exit('</p><p>Caches successfully created, please refresh.</p>');
}

$options = stripslashes_array($options);
$linkcache = stripslashes_array($linkcache);
$catecache = stripslashes_array($catecache);
$page = intval($_GET['page']);

// 允许程序在 register_globals = off 的环境下工作
$onoff = function_exists('ini_get') ? ini_get('register_globals') : get_cfg_var('register_globals');
if ($onoff != 1) {
	@extract($_POST, EXTR_SKIP);
	@extract($_GET, EXTR_SKIP);
	@extract($_COOKIE, EXTR_SKIP);
}


// 去除转义字符
function stripslashes_array(&$array) {
	if (is_array($array)) {
		foreach ($array as $k => $v) {
			$array[$k] = stripslashes_array($v);
		}
	} else if (is_string($array)) {
		$array = stripslashes($array);
	}
	return $array;
}
@set_magic_quotes_runtime(0);
// 判断 magic_quotes_gpc 状态
if (@get_magic_quotes_gpc()) {
    $_GET = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
    $_COOKIE = stripslashes_array($_COOKIE);
}
// 获得散列
function formhash() {
	global $ixnauser, $ixnauid, $ixnapw, $timestamp;
	return substr(md5(substr($timestamp, 0, -7).$ixnauser.$ixnauid.$sax_pw), 8, 8);
}

// base64编码函数
function authcode($string, $operation = 'ENCODE') {
	$string = $operation == 'DECODE' ? base64_decode($string) : base64_encode($string);
	return $string;
}
//转换字符
function char_cv($string) {
	$string = htmlspecialchars(addslashes($string));
	return $string;
}
//获得IP地址
if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
	$onlineip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
	$onlineip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
	$onlineip = getenv('REMOTE_ADDR');
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
	$onlineip = $_SERVER['REMOTE_ADDR'];
}
$onlineip = addslashes($onlineip);
@preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);
$onlineip = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
unset($onlineipmatches);

//截断
function msubstr($str, $start, $len){
  $str = trim($str);
  mb_substr($str, $start, $len, "UTF-8");
  $tmpstr = mb_substr($str, $start, $len, "UTF-8");
  return $tmpstr;
}

//前台身份验证
list($ixnauid, $ixnapass, $logincount) = $_COOKIE['ixnaauth'] ? explode("\t", authcode($_COOKIE['ixnaauth'], 'DECODE')) : array('', '', '');
$ixnauid = intval($ixnauid);
$ixnapass = addslashes($ixnapass);
$ixnagroup = 4;
if (!$ixnauid || !$ixnapass) {
	$ixnauid = 0;
} else {
	$user = $db->fetch_one_array("SELECT username,password,logincount,groupid FROM {$tablepre}xna_users WHERE uid='$ixnauid'");
	if ($user['password'] == $ixnapass && $user['logincount'] == $logincount) {
		$ixnauser = $user['username'];
		$ixnagroup = $user['groupid'];
	} else {
		$ixnauid = 0;
		$ixnapass = '';
		setcookie('ixnaauth', '');
	}
}
if($ixnagroup == 1) {
	error_reporting(E_ERROR | E_WARNING | E_PARSE);
}
$formhash = formhash();
//身份验证结束

//格式化时间
function sadate($format,$timestamp=''){
	global $options,$timeoffset;
	!$timestamp && $timestamp = time();
	return gmdate($format,$timestamp+$timeoffset*3600);
}
?>